What Standard Frameworks Can The Organizations Adopt To Implement ICFR?
Implementing Internal Control Over Financial Reporting in any organization could be time-consuming and burdensome, particularly as the internal or in-house resources will be preoccupied with their core mandates to deliver on their primary job functions. In addition, knowledge gaps on ICFR and implementation standards and project management methodology could cause serious performance challenges for the in-house resources. Leveraging the expertise of credible external consultant may make a great difference in terms of quality of deliverables, time and cost savings. Whether an organization is using in-house resources or external expertise for the ICFR implementation, the process owners, risk and control owners and the three lines of defense play significant roles in helping the ICFR implementation succeed.
The Securities and Exchange Commission and The Financial Reporting Council of Nigeria through (SEC-Guideline-on-Sec-60-63-of-ISA-2007 (8).pdf and FRC-Guidance-on-Management-Report-on-Internal-Control-over-Financial-Reporting-ICFR-1-1.pdf (frcnigeria.gov.ng) recommended the adoption of COSO Internal Control Framework or any other suitable standard such as Canadian CoCo or UK Turnbull Report for the implementation of the ICFR in Nigeria. CoCo was built on COSO Frameworks and mostly used in Canada, but COSO is the most globally adopted ICFR implementation framework and was used for the compliance of SOX404 ICFR requirements in the United States of America.
Adopting COSO Internal Control Framework to implement Internal Control Over Financial Reporting requires reference to a number of COSO Internal Control–Integrated Framework 2013, a number of other COSO publications such as:
- COSO Internal Control-Integrated Framework: Executive Summary,
- COSO Internal Control-Integrated Framework: Framework and Appendices,
- COSO illustrative Tools:
- Assessing Effectiveness of a System of Internal Control and COSO Internal Control over External Financial Reporting: A Compendium of Approaches and Examples.
Also required for referencing are and the subject guidelines provided by Financial Reporting Council of Nigeria, Securities and Exchange Commission and Institute of Internal Auditors (IIA). The detailed information about COSO Frameworks and the key elements to consider in the ICFR implementation, the control effectiveness testing and reporting templates will be discussed in an upcoming ICFR Part 2 blog.
What Are The Guidelines For Adopting COSO Internal Control Framework For ICFR Compliance?
The Corporate Affairs Commission (CAC) did not prescribe any specific guideline for the implementation of the CAMA 2020 ICFR compliance requirements. The Securities and Exchange Commission (SEC) and Financial Reporting Council of Nigeria (FRC) published guidelines for the ICFR compliance. Organizations are required to reference the sectorial guidelines and COSO Internal Control Framework or any other preferred standard to meet the ICFR compliance. Presented in figure 4 below is an illustration of the key elements that the COSO Internal Integrated Farmwork 2013 recommended for organizations to consider while implementing ICFR and the effectiveness testing and reporting.
Adopting COSO Internal Control Framework or any other standards to comply with ICFR requires good knowledge of a leading practices project management standard such as PMBOK or Prince 2 and the practical real-life applications in project execution.
Thank you for this insightful post. And thanks for creating awareness as some companies are not even aware of the the immense benefits of ICFR
Thank you for free lecture.